this post was submitted on 11 Oct 2024
177 points (94.0% liked)

You Should Know

33201 readers
97 users here now

YSK - for all the things that can make your life easier!

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules (interactive)


Rule 1- All posts must begin with YSK.

All posts must begin with YSK. If you're a Mastodon user, then include YSK after @youshouldknow. This is a community to share tips and tricks that will help you improve your life.



Rule 2- Your post body text must include the reason "Why" YSK:

**In your post's text body, you must include the reason "Why" YSK: It’s helpful for readability, and informs readers about the importance of the content. **



Rule 3- Do not seek mental, medical and professional help here.

Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.



Rule 4- No self promotion or upvote-farming of any kind.

That's it.



Rule 5- No baiting or sealioning or promoting an agenda.

Posts and comments which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.



Rule 6- Regarding non-YSK posts.

Provided it is about the community itself, you may post non-YSK posts using the [META] tag on your post title.



Rule 7- You can't harass or disturb other members.

If you harass or discriminate against any individual member, you will be removed.

If you are a member, sympathizer or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people and you were provably vocal about your hate, then you will be banned on sight.

For further explanation, clarification and feedback about this rule, you may follow this link.



Rule 8- All comments should try to stay relevant to their parent content.



Rule 9- Reposts from other platforms are not allowed.

Let everyone have their own content.



Rule 10- The majority of bots aren't allowed to participate here.

Unless included in our Whitelist for Bots, your bot will not be allowed to participate in this community. To have your bot whitelisted, please contact the moderators for a short review.



Partnered Communities:

You can view our partnered communities list by following this link. To partner with our community and be included, you are free to message the moderators or comment on a pinned post.

Community Moderation

For inquiry on becoming a moderator of this community, you may comment on the pinned post of the time, or simply shoot a message to the current moderators.

Credits

Our icon(masterpiece) was made by @clen15!

founded 1 year ago
MODERATORS
 

If you plug a USB drive into Microsoft Windows, in many cases it will try to do things "for you" with the drive. Not a great idea. There could be malware lurking on that USB drive.

There are a couple of things you can do to help mitigate the issue. These tips assume Windows 11.

Turn off Autoplay

  • Open Settings. Press Windows + I to open the Settings app.
  • Go to Bluetooth & devices. In the left sidebar, click on "Bluetooth & devices."
  • Select Autoplay. Scroll down and click on "Autoplay."
  • Turn Off Autoplay. You'll see a toggle switch labeled "Use Autoplay for all media and devices." Turn this off.

This will turn it off completely. You can, if you want, make individual settings for different types of devices.

Deny Execute Access (Pro or Enterprise versions of Windows 11)

  • Open Group Policy Editor. Press Windows + R, type gpedit.msc, and press Enter.
  • Navigate to the Removable Storage Access Policies. Go to Computer Configuration > Administrative Templates > System > Removable Storage Access.
  • Modify Policies. You can enable the policy "Removable Disks: Deny execute access" to prevent execution from removable drives.
  • Apply and Reboot.

Note, there are some cases where you may want to execute scripts or programs from a removable drive. If that's the case, you may not want to do this, or make a note of it so you can re-enable if needed.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 11 points 1 month ago (1 children)

wasn't autoplay here since like win98 or so though?

[–] [email protected] 12 points 1 month ago (2 children)

95, and they disabled it circa Vista because it was obviously a stupid idea.

Ironically, this was originally only for drives that reported themselves as optical media (CD/DVD), but now modern versions of Windows actually won't autoplay an immutable commercially pressed CD, even if it has the correct autoplay.inf file on its root directory structure, but somehow it will autorun things on a flash drive which is a medium explicitly capable of being fucked with by a malicious actor.

Because that makes sense.

[–] [email protected] 5 points 1 month ago

It does make sense from the perspective of "destroy the public's perception of 'unsafe' USB storage so that we can push them to use our 'safe' cloud storage (on our terms) instead".

[–] [email protected] 2 points 1 month ago (1 children)

That seems to be the opposite of what the others are saying: https://en.wikipedia.org/wiki/Autorun.inf#Inf_handling

Windows 7, Windows 8, Windows 8.1, Windows 10

For all drive types, except DRIVE_CDROM, the only keys available in the [autorun] section are label and icon. Any other keys in this section will be ignored. Thus only CD and DVD media types can specify an AutoRun task or affect double-click and right-click behaviour.[9][10]

[–] [email protected] 4 points 1 month ago

Malicious actors are getting USB drives to autorun somehow. If they're not using built in Windows capabilities, they're engaging in shenanigans emulating HID inputs over USB or something.

All I know from personal experience is that modern Windows will not autorun a CD anymore, even though up until XP it would.